package com.predic8.membrane.core.interceptor.gatekeeper;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.ImmutableMap;
import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCChildElement;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.config.security.SSLParser;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Request;
import com.predic8.membrane.core.http.Response;
import com.predic8.membrane.core.interceptor.AbstractInterceptor;
import com.predic8.membrane.core.interceptor.Outcome;
import com.predic8.membrane.core.interceptor.acl.Ip;
import com.predic8.membrane.core.transport.http.HttpClient;
import com.predic8.membrane.core.transport.http.HttpServerHandler;
import com.predic8.membrane.core.transport.http.client.HttpClientConfiguration;
import com.predic8.membrane.core.transport.ssl.SSLContext;
import com.predic8.membrane.core.transport.ssl.StaticSSLContext;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@MCElement(name = "routerIpResolver")
/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.7.4.jar:com/predic8/membrane/core/interceptor/gatekeeper/RouterIpResolverInterceptor.class */
public class RouterIpResolverInterceptor extends AbstractInterceptor {
    private HttpClientConfiguration httpClientConfiguration;
    private SSLParser sslParser;
    private HttpClient httpClient;
    private SSLContext sslContext;
    private int port;
    private final Logger LOG = LoggerFactory.getLogger((Class<?>) RouterIpResolverInterceptor.class);
    private List<String> routerIps = new ArrayList();
    private ObjectMapper om = new ObjectMapper();
    private Outcome errorOutcome = Outcome.ABORT;

    public RouterIpResolverInterceptor() {
        this.name = "Router IP";
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public String getShortDescription() {
        return "Resolve actual IP addresses in redundant router configuration scenarios.";
    }

    public String getRouterIps() {
        return String.join(",", this.routerIps);
    }

    @MCAttribute
    public void setRouterIps(String str) {
        this.routerIps = Arrays.asList(str.split(","));
    }

    public HttpClientConfiguration getHttpClientConfiguration() {
        return this.httpClientConfiguration;
    }

    public int getPort() {
        return this.port;
    }

    @MCAttribute
    public void setPort(int i) {
        this.port = i;
    }

    public Outcome getErrorOutcome() {
        return this.errorOutcome;
    }

    @MCAttribute
    public void setErrorOutcome(Outcome outcome) {
        this.errorOutcome = outcome;
    }

    @MCChildElement(order = 10)
    public void setHttpClientConfiguration(HttpClientConfiguration httpClientConfiguration) {
        this.httpClientConfiguration = httpClientConfiguration;
    }

    public SSLParser getSslParser() {
        return this.sslParser;
    }

    @MCChildElement(order = 20)
    public void setSslParser(SSLParser sSLParser) {
        this.sslParser = sSLParser;
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public void init(Router router) throws Exception {
        super.init(router);
        this.httpClient = router.getHttpClientFactory().createClient(this.httpClientConfiguration);
        if (this.sslParser != null) {
            this.sslContext = new StaticSSLContext(this.sslParser, router.getResolverMap(), router.getBaseLocation());
        }
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public Outcome handleRequest(Exchange exchange) throws Exception {
        String remoteAddrIp = exchange.getRemoteAddrIp();
        if (!this.routerIps.contains(remoteAddrIp)) {
            return Outcome.CONTINUE;
        }
        try {
            int port = ((HttpServerHandler) exchange.getHandler()).getSourceSocket().getPort();
            this.LOG.debug("remoteIp is a router, resolving port=" + port + " ip=" + exchange.getRemoteAddrIp());
            Exchange buildExchange = new Request.Builder().post("https://" + remoteAddrIp + (this.port == 0 ? "" : ":" + this.port)).body(this.om.writeValueAsString(ImmutableMap.of("port", (String) Integer.valueOf(port), Ip.ELEMENT_NAME, exchange.getRemoteAddrIp()))).buildExchange();
            if (this.sslContext != null) {
                buildExchange.setProperty(Exchange.SSL_CONTEXT, this.sslContext);
            }
            Response response = this.httpClient.call(buildExchange).getResponse();
            String bodyAsStringDecoded = response.getBodyAsStringDecoded();
            if (response.getStatusCode() == 200) {
                exchange.setRemoteAddrIp((String) ((Map) this.om.readValue(bodyAsStringDecoded, Map.class)).get(Ip.ELEMENT_NAME));
                return Outcome.CONTINUE;
            }
            this.LOG.warn("Error during remote IP lookup on router " + remoteAddrIp);
            return this.errorOutcome;
        } catch (Exception e) {
            this.LOG.error("", (Throwable) e);
            return this.errorOutcome;
        }
    }
}
